Get A SHAKEN Identity Token (Alexander Perkins)
Please look at this https://issues.asterisk.org/jira/browse/ASTERISK-28924
I have a solution that works for any version of Asterisk, if interested contact me at venefax at the Google mail service.
Please look at this https://issues.asterisk.org/jira/browse/ASTERISK-28924
I have a solution that works for any version of Asterisk, if interested contact me at venefax at the Google mail service.
3 thoughts on - Get A SHAKEN Identity Token (Alexander Perkins)
“I have a commercial solution that works for any version of Asterisk, if interested contact me at venefax at the Google mail service.”
Fixed. If you’re going to post a commercial solution on a non-commercial forum, at least be up front about it.
—
Thanks in advance,
————————————————————————-
Steve Edwards sedwards@sedwards.com Voice: +1-760-468-3867 PST
https://www.linkedin.com/in/steve-edwards-4244281
—
Greetings all,
Just so everyone is aware I previously gave a final warning on commercial solicitation on the asterisk-users mailing list to this individual[1]. As they’ve continued to do so I’ve removed them from the mailing list. You are free to communicate with them directly.
Cheers,
[1] http://lists.digium.com/pipermail/asterisk-users/2020-July/295208.html
Thanks Joshua, that was warranted IMO. I have to admit I am curious about his solution, though, and maybe we can turn this into a discussion about how we are handling STIR/SHAKEN collectively.
Our biggest issue is the fact that we use (our own) LCR to choose outbound routes for calls in real-time. An outbound call could end up on any of several upstream providers, not necessarily the one that
“owns” the DID that is making the outbound call. Because of this we cannot rely on our upstreams to be the originating carriers – they won’t be able to sign for calls from DID numbers they have no record of. We aren’t alone in this, and Bandwidth.com is making noise about this issue and the “forward” problem, where we bounce a call to another number, and the original token info is lost. I’m pretty sure this lands us in the
“need to be an originating provider and generate crypt tokens”. I’m only just beginning diving into what that entails.
So how does this guy get around it? It sounds to me like he is offering to sign calls for whoever, which IMO totally defeats the purpose. So if I am some spammer and find my calls are rejected, I can just get him to sign them for me? If I were him I would get a bunch of lawyers ready for when he becomes responsible for what they end up doing. Isn’t that the whole idea?
Cheers,
Jeff LaCoursiere StratusTalk, Inc.